Blog on technology, news and everything under the sun

Main menu

Post navigation

Maybank2u Email Scam

Recently there has been an increase in online phishing activity, mainly targeting users of Maybank2u.com.my. Here’s one example and how to spot them in the future.

It started with me getting an email that appeared to be from maybank2u.com.my:

Both emails above are scam emails. At first glance you won’t be able to tell if it’s legitimate. But as we continue along you’ll start to see red flags popping up.

Opening up the email in gmail reveals more information from the sender. As scammers are highly unlikely to be able to compromise maybank2u’s email servers to send spam emails, they will usually use another email server but disguise the email to look like it came from Maybank2u. This is called email spoofing.

From the example above, we can see that the email originated from eigbox.net. Also, scammers are surprisingly not very good with writing proper scam emails. You can probably notice spelling and grammar errors in the scam email. This is a fairly consistent pattern and one can only wonder if they proof read their scam emails before sending them out.

Google Chrome will give us a warning if we try and visit the email link.

As you can see, the email link takes us to “impactosurf.com.br” instead of “www.maybank2u.com.my”. This should raise a very large red flag. NEVER EVER LOGIN TO YOUR MAYBANK ACCOUNT IF THE URL IS INCORRECT. If you follow this advice, you will NEVER be scammed.

Here we’ll just humour them to see what they’re up to. We first login with our username and password. Scammers will then take this information and login to your account from their computers.

Next, they ask for more information. I believe this is to make you enter your password again so they can be sure that it is the correct password.

This is the page where the action is. Remember they have already logged into your account using their computers. Now in order to perform a transaction, they will have to request for a TAC number. They will request on their side, and ask you to enter the TAC number that is sent to your mobile phone. Once they have your TAC number, they can then empty your account with a click of a button.

After you’ve given them your TAC number, they give you a friendly reminder not to log in. This is to ensure that the TAC number will remain valid until they empty your account (the TAC expires with each log in or in 30 minutes, whichever comes first). This is basically saying “don’t disturb us while we steal your funds”.

As long as there are scammers around, there will be gullible Internet users. Follow the simple guidelines below and you will never be scammed:

NEVER LOGIN FROM EMAIL LINKS.

ALWAYS MANUALLY TYPE “www.maybank2u.com.my” INTO YOUR WEB BROWSER.

ALWAYS CHECK YOUR URL. Ensure you are where you want to be by looking at the URL. Close your browser at the first sign of suspicion.

ALWAYS BE CAUTIOUS. Here’s a trick. If you’re unsure, just use a fake login on a page to test it. If it allows you to “login” that means there is no authentication at all and you’re at a scam site. Remember, the scammers don’t have your details so they won’t know if you have entered a wrong password.